Unencrypted volumes detected
Scenario
AWS Config identified EC2 instances with unencrypted attached volumes
How do I investigate?
- Using the AWSLandingZoneReadOnlyRole navigate to the Security Account and review the AWS Config Dashboard
- Select Rules under the Aggregated view from the side menu
- Change the *Compliance status* filter from All to Noncompliant
- Select the LZ-AttachedVolumesEncrypted-v1 rule and review the non-compliant resources
- Note the account and region where the resources are located
- To review the rule details:
  - Select Rules below the Dashboard in the side menu
  - Scroll down and select the LZ-AttachedVolumesEncrypted-v1 rule
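The same investigation can be scripted against the AWS Config aggregator API. This is an added example, not part of the original workshop: it uses the boto3 Config client, the aggregator name example-aggregator is a placeholder, and it assumes read-only credentials in the Security Account.

```python
"""Added example: list noncompliant resources for one rule via a Config aggregator."""
from collections import defaultdict

RULE_NAME = "LZ-AttachedVolumesEncrypted-v1"  # rule named on this page


def pages(call, result_key, **kwargs):
    """Yield every item from a Config API call, following NextToken."""
    while True:
        resp = call(**kwargs)
        yield from resp.get(result_key, [])
        token = resp.get("NextToken")
        if not token:
            return
        kwargs["NextToken"] = token


def noncompliant_resources(config, aggregator, rule=RULE_NAME):
    """Return {(account_id, region): [(resource_type, resource_id), ...]}."""
    found = defaultdict(list)
    # Step 1: account/region pairs where the rule is reported as noncompliant
    locations = pages(
        config.describe_aggregate_compliance_by_config_rules,
        "AggregateComplianceByConfigRules",
        ConfigurationAggregatorName=aggregator,
        Filters={"ConfigRuleName": rule, "ComplianceType": "NON_COMPLIANT"},
    )
    for loc in locations:
        account, region = loc["AccountId"], loc["AwsRegion"]
        # Step 2: the individual resources behind that account/region finding
        results = pages(
            config.get_aggregate_compliance_details_by_config_rule,
            "AggregateEvaluationResults",
            ConfigurationAggregatorName=aggregator,
            ConfigRuleName=rule,
            AccountId=account, AwsRegion=region,
            ComplianceType="NON_COMPLIANT",
        )
        for r in results:
            q = r["EvaluationResultIdentifier"]["EvaluationResultQualifier"]
            found[(account, region)].append((q["ResourceType"], q["ResourceId"]))
    return dict(found)


if __name__ == "__main__":
    import boto3  # assumes read-only credentials in the Security Account
    # "example-aggregator" is a placeholder for your aggregator's name
    report = noncompliant_resources(boto3.client("config"), "example-aggregator")
    for location, resources in report.items():
        print(location, resources)
```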
Team Discussion
- How would you prevent the EBS volumes from getting created without encryption?
- How would you deploy the solution to all accounts within the AWS Organization?
- How would you instruct the application team to remediate the volume encryption on the non-compliant resources?
Resources